1148d0b364b5838a155fa09ae6f95e2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1148d0b364b5838a155fa09ae6f95e2a_JaffaCakes118
Size

312KB
MD5

1148d0b364b5838a155fa09ae6f95e2a
SHA1

f733a3a31b3af18ad723e397397a08a0dc6b8844
SHA256

81d03b636df4b7c055c56347e53320c58b0c8bb79d587dcf2ed4e03fe2376d5c
SHA512

e06b41a24d367b37c0d22e1d77fe5711191b00690c446ec5354a8043233e1d733eb2d1fb960b3b1354ce534a83225e1e0948217d24dfb373e284abbb98d5176f
SSDEEP

6144:4X7qKYkTzlGz9gOUb2GBqoOkR6loMnKXAOqLdlt1nIZDL7+IaO/:mqK/lGRgOUqmq9kR6lhKXOIZDf+U/

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1148d0b364b5838a155fa09ae6f95e2a_JaffaCakes118

Files

1148d0b364b5838a155fa09ae6f95e2a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 292KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE